Passwordless authentication rising with FIDO and biometrics tackling security risks, report says
Passwordless authentication technologies, and particularly physical tokens, some of which are secured with biometrics, are on the rise, according to a new report by passwordless technology company HYPR and Cybersecurity Insiders.
“The 2021 State of Passwordless Security” report brings together the expertise of 425 information technology professionals from a variety of fields, and a community of 500,000 members.
The new research shows that 90 percent of respondents experienced phishing attacks against their companies in 2020, of which 29 percent were related to credentials theft.
Moreover, 91 percent of those surveyed believed preventing this type of attack is highly dependent on multi factor authentication (MFA), but only 52 percent of those would be actively using these technologies.
Among MFA authentication adopters, 36 percent of those surveyed said they were using smartphones as FIDO tokens, 17 percent hardware security keys like Yubico’s Yubikey, some of which include biometrics, and 17 percent built-in authenticators such as Windows Hello, which also support biometrics.
According to the report, the sharp increment in the remote workforce would coincide with a trend in awareness on the part of several firms.
“Prior to the COVID-19 pandemic, passwords and shared secrets were the number one cause of breaches despite billions of dollars invested in cybersecurity,” explained George Avetisov, HYPR co-founder and CEO. “This report highlights that many organizations are now re-allocating funds and investing passwordless technologies.”
The trend would be further strengthened by the fact that 78 percent of global CEOs surveyed by PWC in a separate report believe that remote working will continue even after the end of the pandemic.
The report echoes some of the latest efforts of biometric companies, who have in the past few months stepped up their development efforts in the direction of passwordless authentication.
For example, last November, AuthenTrend worked with Microsoft to foster the development of passwordless infrastructures, and Innovatrics deployed Daltrey’s biometrics-as-a-service for passwordless access control.
More recently, Australia’s myGov platform launched a passwordless digital identity solution, and VinCSS released a new flagship fingerprint biometric security key certified for FIDO2 passwordless authentication.